GlobalProtect Support for FIDO2 authentication by OS

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

GlobalProtect Support for FIDO2 authentication by OS

L3 Networker

Hello everyone,

 

I have a question about OS support for FIDO2 authentication using GlobalProtect.

 

Could you please tell me the following about each OS (Win10/Win11/macOS/iPhone/iPad/Android)?

 

1. Which GP versions support FIDO2 authentication?

2. Is FIDO2 authentication supported by the Embedded Browser or other browsers?

 

I would like an answer in the following format.

 

■Example answers
~~~~~~

・Win10/11:

 ・In GP versions with "Embedded Browser Framework Upgrade" (※), FIDO2 authentication is supported by the Embedded Browser and other browsers.

 ・In GP versions below the above, FIDO2 authentication is supported only by other browsers.

 

・macOS:

 ・In all GP versions, FIDO2 authentication is supported only by other browsers.(Because the Embedded Browser does not support macOS)

 

・iPhone:・・・
~~~~~~

 

(※) The following versions (reference is given below)
GP6.0.9 or later, 6.1.5 or later, 6.2.3 or later, 6.3 series

 

Features Introduced 6.0

https://docs.paloaltonetworks.com/globalprotect/6-0/globalprotect-app-release-notes/features-introdu...

 

Features Introduced 6.1

https://docs.paloaltonetworks.com/globalprotect/6-1/globalprotect-app-release-notes/features-introdu...

 

Features Introduced 6.2

https://docs.paloaltonetworks.com/globalprotect/6-2/globalprotect-app-release-notes/features-introdu...

 

Features Introduced 6.3

https://docs.paloaltonetworks.com/globalprotect/6-3/globalprotect-app-release-notes/features-introdu...

 

2 REPLIES 2

Cyber Elite
Cyber Elite

FIDO2 support was introduced in GP 6.3

in older versions (6.2 and earlier), you can configure to use the system native browser instead of the embedded browser for FIDO2. Most regular browsers (chrome, edge, FF,..) will support FIDO2

 

 

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

L3 Networker

Hello @reaper 

Thank you for your reply.

 

Am I correct in understanding that the following is supported for each OS (Win10/Win11/macOS/iPhone/iPad/Android)?

- When using a browser other than the Embedded Browser, FIDO2 authentication is possible with all GP versions (GP version is irrelevant)

- When using the Embedded Browser, FIDO2 authentication is possible with certain GP versions (※1) (※2)

 

(※1) GP versions that state "Embedded Browser Framework Upgrade" in the documentation

(※2) macOS is not supported.

  • 438 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!